[$] What to do about CVE numbers

Common Vulnerability and Exposure (CVE) numbers have been used for manyyears as a way of uniquely identifying software vulnerabilities. It hasbecome increasingly clear in recent years that there are problems with CVEnumbers, though, and increasing numbers ofvulnerabilities are not being assigned CVE numbers at all. At the 2019 Kernel Recipes event, GregKroah-Hartman delivered a "40-minute rant with an unsatisfactoryconclusion" on CVE numbers and how the situation might be improved. The conclusion may be"unsatisfactory", but it seems destined to stir up some discussionregardless.